Hardware-based full disk encryption

The neutrality of the style of writing in this article is disputed. Please do not remove this message until conditions to do so are met. (April 2013) (Learn how and when to remove this message)

Hardware-based full disk encryption (FDE) is available from many hard disk drive (HDD/SSD) vendors, including: Hitachi, Integral Memory, iStorage Limited, Micron, Seagate Technology, Samsung, Toshiba, Viasat UK, Western Digital. The symmetric encryption key is maintained independently from the computer's CPU, thus allowing the complete data store to be encrypted and removing computer memory as a potential attack vector.

Hardware-FDE has two major components: the hardware encryptor and the data store. There are currently four varieties of hardware-FDE in common use:

1. Hard disk drive (HDD) FDE (self-encrypting drive)
2. Enclosed hard disk drive FDE
3. Removable hard disk drive FDE
4. Bridge and Chipset (BC) FDE

Hardware designed for a particular purpose can often achieve better performance than disk encryption software, and disk encryption hardware can be made more transparent to software than encryption done in software. As soon as the key has been initialised, the hardware should in principle be completely transparent to the OS and thus work with any OS. If the disk encryption hardware is integrated with the media itself the media may be designed for better integration. One example of such design would be through the use of physical sectors slightly larger than the logical sectors.